Does Porsline have any unpatched vulnerabilities?

No. All known vulnerabilities in Porsline have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Porsline compatible with WordPress 6.9.4?

According to WordPress.org data, Porsline 2.9 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Porsline compatible with PHP 7.0+?

Porsline requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Porsline updated?

Porsline was last updated on Dec 22, 2025. Frequent updates are generally a positive security signal.

What is Porsline's security score?

Porsline has a WP-Safety security score of 99/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Porsline Security & Risk Analysis

wordpress.org/plugins/porsline

Porsline | Build eye-catching forms, surveys & quizzes that everybody is willing to engage!

300 active installs v2.9 PHP 7.0+ WP 6.5+ Updated Dec 22, 2025

contact-us-formform-builderform-builder-pluginregister-formsignup-form

A · Safe

CVEs total1

Unpatched0

Last CVEOct 31, 2024

Plugin page Download

Safety Verdict

Is Porsline Safe to Use in 2026?

Generally Safe

Score 99/100

Porsline has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Oct 31, 2024Updated 3mo ago

Risk Assessment

The Porsline plugin v2.9 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and performing nonce and capability checks on its entry points. It also has no known critical or high severity vulnerabilities currently unpatched, and no bundled libraries which could introduce outdated dependencies.

However, significant concerns arise from the static analysis. The plugin exposes two AJAX handlers without any authentication checks, creating a substantial attack surface for unauthorized actions. Furthermore, taint analysis reveals two flows with unsanitized paths, though these are not classified as critical or high severity. The low percentage of properly escaped output (21%) indicates a risk of Cross-Site Scripting (XSS) vulnerabilities, which can be exploited to execute arbitrary JavaScript in the user's browser.

The plugin's vulnerability history, including a past medium severity SQL injection vulnerability, suggests a recurring need for robust input validation and sanitization. While there are no currently unpatched vulnerabilities, the existence of a past SQL injection highlights a potential area of weakness. Overall, while Porsline has some strong security foundations, the unprotected entry points and unsanitized paths present immediate risks that require attention.

Key Concerns

Unprotected AJAX handlers
Flows with unsanitized paths
Low percentage of properly escaped output
Past medium severity SQL Injection vulnerability

Vulnerabilities

Porsline Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

Medium

1 total CVE

CVE-2024-51620medium · 6.5Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Porsline <= 1.0.2 - Authenticated (Contributor+) SQL Injection

Oct 31, 2024 Patched in 1.1 (183d)

Code Analysis

Analyzed Mar 16, 2026

Porsline Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

15 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

21% escaped72 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths

porsline_form_token (admin_menu.php:7)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

Porsline Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 2

authwp_ajax_prs_loadajax.php:2

authwp_ajax_prs_saveajax.php:12

Shortcodes 1

[porsline] shortcode.php:2

WordPress Hooks 6

actionadmin_menuadmin_menu.php:2

actionplugins_loadedinit.php:19

actionadmin_enqueue_scriptsinit.php:22

actionadmin_noticesinit.php:27

actionadmin_headinit.php:41

actionwp_footershortcode.php:42

Maintenance & Trust

Porsline Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 22, 2025

PHP min version7.0

Downloads8K

Community Trust

Rating98/100

Number of ratings9

Active installs300

Alternatives

Porsline Alternatives

WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More

wpforms-lite

The best WordPress contact form plugin. Drag & Drop form builder to create beautiful contact forms, payment forms, & other custom forms.

6.0M 14 CVEs

Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder

fluentform

Get a fast contact form plugin. Create advanced forms using drag and drop form builder with all smart features.

600K 27 CVEs

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor

metform

The most popular Elementor forms builder to create WordPress forms like contact forms, booking forms, feedback form, survey forms, application forms a …

600K 26 CVEs

Ninja Forms – The Contact Form Builder That Grows With You

ninja-forms

The 100% beginner friendly WordPress form builder. Drag & drop form fields to build beautiful, professional contact forms in minutes.

600K 75 CVEs

SureForms – Contact Form, Payment Form & Other Custom Form Builder

sureforms

The most beginner-friendly, AI Form Builder for WordPress to create contact forms, payment forms & other custom forms with advanced features, with …

400K 16 CVEs

Developer Profile

Porsline Developer Profile

porsline

1 plugin · 300 total installs

trust score

Avg Security Score

99/100

Avg Patch Time

183 days

View full developer profile

Detection Fingerprints

How We Detect Porsline

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ